I have situation where I need to create a view which will be used by end user who may have PII and NON-PII permission clearance controlled by AD groups.
Say i have dim_customer which contains four columns ID, Name, DoB, Country. When PII user runs
Select ID, Name, DoB, Country FROM dim_customer
the pii user should get
ID NAME DoB Country
1 John 1999-10-10 US
If the same query is run by NON-PII user then they should get
ID NAME DoB Country
1 PII DATA PII DATA US
So basically same view object is used but data is displayed according to the pii clearance.
I dont want to create two views with pii and non-pii suffix.
I tried column level permission but that means when end user try the above
query they get error "no select permission on Name and DoB Columns"
I have tried Data Masking but that shows "XXXX" and i would prefer "PII
Data".
I am looking for a solution where the query runs successfully and show results as above.
Is this possible in SQL Server ?
thanks in advance
Create two roles, one that allows PII data, and one that doesn't. Put each user into one role or the other. Than write your view
Select
ID,
Name,
CASE
WHEN IS_ROLEMEMBER ('pii_role') = 1 THEN DoB
ELSE 'PII Data'
END as DoB,
Country
FROM dim_customer
Related
I have a junction object called "JIRA_Data" and its linked/ related to Accounts. How do I query to fetch data from this relationship. I am trying to extract id,type from Account object and Name from JIRA_Data junction object.
Could anyone assist. Thanks
You could do it multiple ways depending on how you want the data. If you query it from the parent account it would be something to the effect:
SELECT Id, Name, (Select ID, Name, Other_Parent__r.Name FROM Jira_Datas__r) FROM Account
or from the junction
SELECT Id, Name, Account.Name, Other_Parent__r.Name FROM Jira_Data__c
I have 170+ reports and our customer would like to decrypt some of data.
For example: report returns first/last name with address, Personal Identification Number etc.
What I need to do is somehow massively change all reports table name, from Contact to Contact_R (which already include encrypted data) OR maybe there is any way to create something like trigger but in SQL Server, so I could edit query (with replace table name) before it will be executed, fe.
SELECT firstName, lastName FROM Contact
becomes
SELECT firstName, lastName FROM Contact_R
Hi I am using visual studio 2015 to make an SSRS 2014 report.
The place I am stuck at is my email recipient is dependent on what company is selected from the SSRS report.
Not that it should matter but my report parameters are Company
(really companyID),begdat,enddate.
select email from users where companyid= #companyid<< which would be my selection.
Most examples I see have a defined list of emails or just 1 person to email. I want to send a report per company only to the users of that company aka dynamic recipient list.
Modify your query as: select email, companyid from users
At the next step in select an option Get the value from the database for the TO field and set it to email.
At the next step change your company option to Get the value from the database and set it to companyid.
Then users from company CompanyA will receive only a CompanyA report, and CompanyB - only a CompanyB report.
You could debug the subscription using temporary query with only your email:
select email='your#email', companyid = 'CompanyAid'
UNION ALL
select email='your#email', companyid = 'CompanyBid'
I work on tracking diseases for a public health org, and one of the complicated ones we deal with is Tuberculosis. I've developed an Access database with multiple forms and tabs to track any "Active TB case" (parent) to "Contacts" (child). The Active TB patient may have 20 or so contacts, but months down the line any one contact may become an Active TB case. The database tracks nearly 60 variables for the contact cases, but I want a few of these variables to be added into the parent table/form once they become an Active TB case.
I have two tables that will interface, one called Contact Info and the other Case Info.
Contact Info contains the following variables that will be added into the Case Info table: Contact#
Old#
MRN
Lastname
Firstname
Middlename
DOB
Sex
Case Info table contains: Case#
Old#
MRN
Last
First
Middle
DOB
Sex
You can see how the variables from Contact info should link with the corresponding variables in the Case Info table.
How can I have the "child" become the "parent"? I wanted to add a button on the child record that will do this.
Thanks in advance! I really appreciate the help.
Simply run an append query that filters on the specific patient which can be read from a form control (i.e., indicator on child form). Below assumes MRN as the criteria.
INSERT INTO [Case Info] ([Case#], [Old#], [MRN], [Last], [First],
[Middle], [DOB], [Sex])
SELECT [Contact#], [Old#], [MRN], [Lastname], [Firstname],
[Middlename], [DOB], [Sex]
FROM [Contact Info]
WHERE [MRN] = Forms!myform!txtMRN
Append query can be a saved query and called behind form button with DoCmd.OpenQuery (same macro command) or run as action query in VBA with DoCmd.RunSQL or DAO's CurrentDb.Execute making sure the form value is concatenated to SQL string or better yet passed as parameter.
I am trying to UPDATE usernames to our database, but I have problem with UQ.
In our schema we have corporate admin users and contacts in the same table. Every corporate has 1 admin user which where composed by taking 6 characters from their name and adding running number (if there were 6 character duplicates).
For example:
CompanyName: Test Company
UserName: testco-1
Running number with admin users (with the same 6 character start) varies from 1 to 15(ish).
Our contact table has column CorporateAdminId which is set to NULL with Admin users, but contacts are referred to admin user with this field. So the table has a relationship to itself.
NOTE: Before contacts did not have usernames
Because software upgrades our contacts need to have username also. Usernames to contacts are created with the same rule (6 char+running number) and the first 6 characters are defined by AdminUserId reference (not the contacts own corporate name)
For example:
AdminUserId: GUID (Refers to Test Company)
CompanyName: Data miner
UserName: testco-2
My problem here is that how can I count how many usernames there are in the database at the moment that start f.e with 'testco' and add this number to the running number that I use to create contact usernames (so there will be no collissions with UQ)
EDIT: Current query used in update
SELECT LEFT(LOWER(REPLACE(A.CorporateName, ' ','')), 10)+'-
'+CAST(COUNT(*) OVER(PARTITION BY
SUBSTRING(A.Username,1,CHARINDEX('0',A.Username)))+(ROW_NUMBER()
OVER(PARTITION BY B.AdminUserId ORDER BY
LEFT(LOWER(REPLACE(A.CompanyName, ' ','')),10))) as nvarchar(255)) FROM
Contact B INNER JOIN Contact A ON a.Id = B.AdminUserId
Problem with this is that It adds the number of rows that are going to be updated instead of rows that have username as 'xxxxxx' in db.
select username, left(username, 6)
, row_number() (partition by left(username, 6) order by username) rn
from table